Описание
In ffu_flash_pack of ffu.c, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
EPSS
Процентиль: 11%
0.00037
Низкий
4.4 Medium
CVSS3
5.1 Medium
CVSS3
Дефекты
CWE-190
CWE-125
Связанные уязвимости
CVSS3: 5.1
github
больше 1 года назад
In ffu_flash_pack of ffu.c, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
EPSS
Процентиль: 11%
0.00037
Низкий
4.4 Medium
CVSS3
5.1 Medium
CVSS3
Дефекты
CWE-190
CWE-125